Add 'Android.mk' file, fix compile on Android.
This requires disabling LDPRELOAD and temporarily disabling
capabilities support.
Bug: 22487289
Change-Id: I27476d09605076b000d302f354e49ab17dc96a93
diff --git a/Android.mk b/Android.mk
new file mode 100644
index 0000000..ba6179f
--- /dev/null
+++ b/Android.mk
@@ -0,0 +1,48 @@
+# Copyright (C) 2015 The Android Open Source Project
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+LOCAL_PATH := $(call my-dir)
+
+# Common variables
+# ========================================================
+
+minijailCommonCFlags := -D__BRILLO__ -Wall -Werror \
+ -Wno-unused-function -Wno-unused-parameter
+minijailCommonSharedLibraries := libcap-ng
+
+# libminijail shared library for target
+# ========================================================
+
+include $(CLEAR_VARS)
+LOCAL_MODULE := libminijail
+
+# LOCAL_MODULE_CLASS must be defined before calling $(local-generated-sources-dir)
+LOCAL_MODULE_CLASS := SHARED_LIBRARIES
+intermediates := $(local-generated-sources-dir)
+GEN := $(intermediates)/libsyscalls.c
+$(GEN): PRIVATE_CUSTOM_TOOL = $< $(lastword $(CLANG)) $@
+$(GEN): $(LOCAL_PATH)/gen_syscalls.sh
+ $(transform-generated-source)
+LOCAL_GENERATED_SOURCES += $(GEN)
+
+LOCAL_CFLAGS := $(minijailCommonCFlags)
+LOCAL_CLANG := true
+LOCAL_SRC_FILES := \
+ bpf.c \
+ libminijail.c \
+ signal_handler.c \
+ syscall_filter.c \
+ util.c
+LOCAL_SHARED_LIBRARIES := $(minijailCommonSharedLibraries)
+include $(BUILD_SHARED_LIBRARY)
diff --git a/gen_syscalls.sh b/gen_syscalls.sh
index 3121b42..a01d500 100755
--- a/gen_syscalls.sh
+++ b/gen_syscalls.sh
@@ -12,18 +12,13 @@
set -e
-if [ $# -ne 1 ] && [ $# -ne 3 ]; then
- echo "Usage: $(basename "$0") OUTFILE"
- echo "Usage: $(basename "$0") CC CFLAGS OUTFILE"
+if [ $# -ne 2 ]; then
+ echo "Usage: $(basename "$0") CC OUTFILE"
exit 1
fi
-if [ $# -eq 3 ]; then
- CC="$1"
- shift
- CFLAGS="$1"
- shift
-fi
+CC="$1"
+shift
OUTFILE="$1"
# sed expression which extracts system calls that are
@@ -43,7 +38,7 @@
#include "libsyscalls.h"
const struct syscall_entry syscall_table[] = {
$(echo '#include <asm/unistd.h>' | \
- ${CC} ${CFLAGS} -dD - -E | sed -rne "${SED_MULTILINE}")
+ ${CC} -dD - -E | sed -rne "${SED_MULTILINE}")
{ NULL, -1 },
};
EOF
diff --git a/libminijail.c b/libminijail.c
index 0dab24d..1c54a40 100644
--- a/libminijail.c
+++ b/libminijail.c
@@ -36,7 +36,7 @@
#include "libminijail.h"
#include "libminijail-private.h"
-#include "signal.h"
+#include "signal_handler.h"
#include "syscall_filter.h"
#include "util.h"
@@ -203,9 +203,14 @@
int API minijail_change_group(struct minijail *j, const char *group)
{
- char *buf = NULL;
- struct group gr;
struct group *pgr = NULL;
+
+#if defined(__BRILLO__)
+ /* Android does not implement getgrnam_r(). */
+ pgr = getgrnam(group);
+#else
+ struct group gr;
+ char *buf = NULL;
ssize_t sz = sysconf(_SC_GETGR_R_SIZE_MAX);
if (sz == -1)
sz = 65536; /* and mine is as good as yours, really */
@@ -225,6 +230,7 @@
*/
free(buf);
/* getgrnam_r(3) does *not* set errno when |pgr| is NULL. */
+#endif
if (!pgr)
return -1;
minijail_change_gid(j, pgr->gr_gid);
@@ -683,6 +689,13 @@
void drop_caps(const struct minijail *j)
{
+#if defined(__BRILLO__)
+ /*
+ * Temporarily disable capabilities support until Minijail can use
+ * libcap-ng.
+ */
+ (void) j;
+#else
cap_t caps = cap_get_proc();
cap_value_t flag[1];
const uint64_t one = 1;
@@ -738,6 +751,7 @@
die("can't apply final cleaned capset");
cap_free(caps);
+#endif
}
void set_seccomp_filter(const struct minijail *j)
@@ -943,6 +957,10 @@
int setup_preload(void)
{
+#if defined(__BRILLO__)
+ /* Don't use LDPRELOAD on Brillo. */
+ return 0;
+#else
char *oldenv = getenv(kLdPreloadEnvVar) ? : "";
char *newenv = malloc(strlen(oldenv) + 2 + strlen(PRELOADPATH));
if (!newenv)
@@ -956,6 +974,7 @@
setenv(kLdPreloadEnvVar, newenv, 1);
free(newenv);
return 0;
+#endif
}
int setup_pipe(int fds[2])
diff --git a/signal.c b/signal_handler.c
similarity index 97%
rename from signal.c
rename to signal_handler.c
index 7342e04..dd0ea4f 100644
--- a/signal.c
+++ b/signal_handler.c
@@ -16,7 +16,7 @@
#include <signal.h>
#include <string.h>
-#include "signal.h"
+#include "signal_handler.h"
#include "util.h"
diff --git a/signal.h b/signal_handler.h
similarity index 70%
rename from signal.h
rename to signal_handler.h
index d68bbb2..939a582 100644
--- a/signal.h
+++ b/signal_handler.h
@@ -1,4 +1,4 @@
-/* signal.h
+/* signal_handler.h
* Copyright (c) 2012 The Chromium OS Authors. All rights reserved.
* Use of this source code is governed by a BSD-style license that can be
* found in the LICENSE file.
@@ -6,9 +6,9 @@
* Signal handling functions.
*/
-#ifndef SIGNAL_H
-#define SIGNAL_H
+#ifndef SIGNAL_HANDLER_H
+#define SIGNAL_HANDLER_H
int install_sigsys_handler();
-#endif /* SIGNAL_H */
+#endif /* SIGNAL_HANDLER_H */
